Need Dialup VPN to access different network segments

I have a terminal that has succesfully established and connected a VPN to my netscreen firewall with Ike user (using netscreen remote). However it can only connect to network 192.168.1.x - I've been unsuccesful in trying to connect to my other networks 192.168.2.x, 192.168.3.x, etc.

Re: Need Dialup VPN to access different network segments

What is the network and subnet mask that you have configured on your netscreen remote client??

If you configured 192.168.1.0/24 then it will only route 192.168.1.0 network down the vpn. If you want to access other subnets then you need to do 192.168.0.0/16, this will send all 192.168.x.0 networks down the tunnel.

Remember you will also have to change the policy on the firewall to match the new subnet 192.168.0.0/16

Re: Need Dialup VPN to access different network segments

The solution assumes you can summarize to /16. What if summarization is not desired or not possible for various reasons. I have similar problem where I initially had one internal segment accessible. I now want another discontiguous segment to be added. When I try to add the new subnet in the policy, I get an error message "Multiple addresses/services are not supported at current stage for bidirectional VPN policy".